From owner-freebsd-stable Fri May 11 2:59:48 2001 Delivered-To: freebsd-stable@freebsd.org Received: from woody.ichilton.co.uk (woody.ichilton.co.uk [216.29.174.40]) by hub.freebsd.org (Postfix) with ESMTP id B300437B423 for ; Fri, 11 May 2001 02:59:44 -0700 (PDT) (envelope-from ian@woody.ichilton.co.uk) Received: by woody.ichilton.co.uk (Postfix, from userid 1000) id 3F5AB80B4; Fri, 11 May 2001 10:59:28 +0100 (BST) Date: Fri, 11 May 2001 10:59:28 +0100 From: Ian Chilton To: freebsd-stable@freebsd.org Subject: natd locks me out Message-ID: <20010511105928.A22838@woody.ichilton.co.uk> Reply-To: Ian Chilton Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.13i Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello, I have been working on a firewall/nat on a remote Freebsd-4.2 machine I upgraded to -stable (4.3-release) Everything looked fine until I did: sh rc.firewall > firewall.out 2>&1 Then, I noticed errors and found it was because I didn't have IPDIVERT in the kernel. So, I re-compiled the kernel again, rebooted and it disappeared :( Luckly, the guy that owns the box was going past there today, so he got it back online, and said that if he disabled natd in rc.conf, by commenting out: natd_enable="YES" natd_flags="-f /etc/natd.conf" it worked again.. I was suprised at this as the firewall is still in!! So, I checked the logs and everything looked fine. With "sh rc.firewall > firewall.out 2>&1" the firewall looked fine - no errors now. I commented out some port forward stuff from natd.conf and typed: natd -f /etc/natd.conf and all seemed fine. So, I rebooted the box, and it hasn't come back. :-(( My natd.conf is like this: interface vr0 log_denied use_sockets unregistered_only (vr0 is the external i/f with a static ip and the internet connection from which I am trying to connect over..) Any ideas what's happening? Thanks! Bye for Now, Ian \|||/ (o o) /-----------------------------ooO-(_)-Ooo----------------------------\ | Ian Chilton E-Mail: ian@ichilton.co.uk | | IRC Nick: GadgetMan Backup: ichilton@www.linux.org.uk | | ICQ: 16007717 / 104665842 Web : http://www.ichilton.co.uk | |--------------------------------------------------------------------| | For people who like peace and quiet: a phoneless cord | \--------------------------------------------------------------------/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message